Login Sign Up

CVE-2022-49095

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory resource leak vulnerability in the Linux kernel's zorro7xx SCSI driver. When the driver's remove function is called, it fails to properly release memory-mapped I/O resources that were allocated during probe, potentially leading to kernel memory exhaustion. This affects Linux systems using the zorro7xx driver, primarily on Amiga Zorro bus hardware.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with zorro7xx driver loaded (typically Amiga Zorro bus systems). Most modern Linux systems won't have this driver loaded by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or kernel panic.

🟠

Likely Case

Memory leak gradually consumes kernel resources, potentially leading to system performance degradation or instability over time.

🟢

If Mitigated

With proper kernel memory management controls and monitoring, impact is limited to potential performance issues.

🌐 Internet-Facing: LOW - This is a local kernel driver issue requiring local access or kernel module manipulation.
🏢 Internal Only: MEDIUM - Could be exploited by local users or through other kernel vulnerabilities to cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to trigger the driver's remove function. No known public exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 16ed828b872d12ccba8f07bcc446ae89ba662f9c, 1e0c01319dedf1e63ec5df37ead048e17afd92ba, 34a47f7ddb4fd1cbd12397aa6f7dad1de08b4050, a845c678e094894f38cc9526d212b21933ce44c7, aefd755a96051aa56b198cb7ecd168b22ba384f6

Vendor Advisory: https://git.kernel.org/stable/c/16ed828b872d12ccba8f07bcc446ae89ba662f9c

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for backported patches. 3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Unload zorro7xx module

linux

Remove the vulnerable kernel module if not needed

sudo rmmod zorro7xx

Blacklist zorro7xx module

linux

Prevent the module from loading automatically

echo 'blacklist zorro7xx' | sudo tee /etc/modprobe.d/blacklist-zorro7xx.conf

🧯 If You Can't Patch

  • Monitor kernel memory usage for unusual patterns
  • Restrict local user access to systems using zorro7xx driver

🔍 How to Verify

Check if Vulnerable:

Check if zorro7xx module is loaded: lsmod | grep zorro7xx

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits or verify module is not loaded

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer messages
  • System instability logs
  • Memory pressure warnings

Network Indicators:

  • None - this is a local kernel issue

SIEM Query:

Search for kernel panic logs or memory exhaustion events on systems with zorro7xx driver

📊 Metadata

CVE ID: CVE-2022-49095
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-401
EPSS Score: 0.03% exploit probability (7th percentile)
Published: February 26, 2025
Last Updated: September 23, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49095, you might also want to check these:

CVE-2021-40633 8.8

CVE-2021-40633 is a memory leak vulnerability in gif2rgb, a utility in giflib 5.1.4, allowing remote...

Same vulnerability type (CWE-401)
CVE-2021-3492 8.8

CVE-2021-3492 is a kernel vulnerability in Ubuntu's Shiftfs filesystem where improper error handling...

Same vulnerability type (CWE-401)
CVE-2024-25450 8.8

CVE-2024-25450 is a memory allocation vulnerability in imlib2 v1.9.1's init_imlib_fonts() function t...

Same vulnerability type (CWE-401)